Bugtraq mailing list archives
Re: [Full-disclosure] Apple Safari: cookie stealing
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Wed, 13 Jun 2007 16:46:59 +0200 (CEST)
On Wed, 13 Jun 2007, Robert Swiecki wrote:
The flaw exists in the javascript's window.setTimeout() implementation.
Forgive me the rant, but... all other recently reported problems aside, seeing this, I can only ask - which rock did Safari developers hide under for the past 8 years or so? I mean... this is the type of a flaw you probably no longer even to test for because it seems too obvious - 'ping -l 65510' of the browser world... /mz
Current thread:
- Apple Safari: cookie stealing Robert Swiecki (Jun 13)
- Re: [Full-disclosure] Apple Safari: cookie stealing Michal Zalewski (Jun 13)
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Robert Swiecki (Jun 15)
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing Mark Senior (Jun 15)
- Re: Apple Safari: idn urlbar spoofing Robert Swiecki (Jun 25)
- RE: [Full-disclosure] Apple Safari: idn urlbar spoofing Larry Seltzer (Jun 25)
- Re: [Full-disclosure] Apple Safari: idn urlbar spoofing Michal Zalewski (Jun 25)
- Re: Apple Safari: idn urlbar spoofing Robert Swiecki (Jun 27)